You are viewing a plain text version of this content. The canonical link for it is here.

Posted to bugs@httpd.apache.org by bu...@apache.org on 2015/07/03 03:03:44 UTC

[Bug 58097] New: [feat] Preserve original connecting IP

https://bz.apache.org/bugzilla/show_bug.cgi?id=58097

            Bug ID: 58097
           Summary: [feat] Preserve original connecting IP
           Product: Apache httpd-2
           Version: 2.5-HEAD
          Hardware: PC
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_remoteip
          Assignee: bugs@httpd.apache.org
          Reporter: viktor@szepe.net

Please consider adding an option to preserve the original connecting IP that
was in REMOTE_ADDR and that got overwritten.

Thank you!

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 58097] [feat] Preserve original connecting IP

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=58097

William A. Rowe Jr. <wr...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |WORKSFORME
             Status|NEW                         |RESOLVED

--- Comment #4 from William A. Rowe Jr. <wr...@apache.org> ---
This is already documented in the httpd docs;

"In overriding the client IP, the module stores the list of intermediate hosts
in a remoteip-proxy-ip-list note, which mod_log_config can record using the
%{remoteip-proxy-ip-list}n format token. If the administrator needs to store
this as an additional header, this same value can also be recording as a header
using the directive RemoteIPProxiesHeader."

As Mike points out, %{c}a in 2.4 also tracks the immediate connection's IP
address (although mod_remoteip may unwind a number of intermediates and these
all get tracked in the field noted above).  Since you are using a backport,
this is unlikely to be helpful.

And as this module was introduced in 2.4, there is no remaining issue here to
address, chalking this up as asked and answered.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 58097] [feat] Preserve original connecting IP

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=58097

Eric Covener <co...@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Severity|normal                      |enhancement

--- Comment #1 from Eric Covener <co...@gmail.com> ---
You may want to elaborate on the requirement

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 58097] [feat] Preserve original connecting IP

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=58097

Szépe Viktor <vi...@szepe.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |viktor@szepe.net
                 OS|                            |All

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 58097] [feat] Preserve original connecting IP

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=58097

--- Comment #2 from Szépe Viktor <vi...@szepe.net> ---
I was compiling mod_remoteip back-ported to 2.2 to use in with a CloudFlare
protected website.
Then I suddenly realized that the original connecting IP would get overwritten
thus disappear. I'd like to log that also in case of a break-in attempt.

Please make it available in another variable.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 58097] [feat] Preserve original connecting IP

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=58097

Szépe Viktor <vi...@szepe.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|viktor@szepe.net            |

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 58097] [feat] Preserve original connecting IP

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=58097

--- Comment #3 from Mike Rumph <mi...@oracle.com> ---
The underlying client IP of the connection is already available in the %{c}a
format string.

- http://httpd.apache.org/docs/2.4/mod/mod_remoteip.html 
- http://httpd.apache.org/docs/2.4/mod/mod_log_config.html#formats 

This code was added to trunk in r1204968 .

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org